package org.apache.qpid.server.model.port;

import com.fasterxml.jackson.databind.ObjectMapper;
import com.google.common.util.concurrent.ListenableFuture;
import com.google.common.util.concurrent.SettableFuture;
import java.io.IOException;
import java.io.StringWriter;
import java.net.SocketAddress;
import java.security.GeneralSecurityException;
import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Comparator;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.TreeSet;
import java.util.concurrent.atomic.AtomicBoolean;
import java.util.concurrent.atomic.AtomicInteger;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import javax.security.auth.Subject;
import org.apache.qpid.server.configuration.BrokerProperties;
import org.apache.qpid.server.configuration.IllegalConfigurationException;
import org.apache.qpid.server.logging.messages.BrokerMessages;
import org.apache.qpid.server.logging.messages.PortMessages;
import org.apache.qpid.server.logging.subjects.PortLogSubject;
import org.apache.qpid.server.model.ConfiguredObject;
import org.apache.qpid.server.model.Container;
import org.apache.qpid.server.model.DefaultVirtualHostAlias;
import org.apache.qpid.server.model.HostNameAlias;
import org.apache.qpid.server.model.KeyStore;
import org.apache.qpid.server.model.ManagedAttributeField;
import org.apache.qpid.server.model.ManagedObjectFactoryConstructor;
import org.apache.qpid.server.model.NamedAddressSpace;
import org.apache.qpid.server.model.Port;
import org.apache.qpid.server.model.Protocol;
import org.apache.qpid.server.model.State;
import org.apache.qpid.server.model.SystemConfig;
import org.apache.qpid.server.model.Transport;
import org.apache.qpid.server.model.TrustStore;
import org.apache.qpid.server.model.VirtualHostAlias;
import org.apache.qpid.server.model.VirtualHostNameAlias;
import org.apache.qpid.server.plugin.ProtocolEngineCreator;
import org.apache.qpid.server.plugin.QpidServiceLoader;
import org.apache.qpid.server.plugin.TransportProviderFactory;
import org.apache.qpid.server.transport.AcceptingTransport;
import org.apache.qpid.server.transport.PortBindFailureException;
import org.apache.qpid.server.transport.TransportProvider;
import org.apache.qpid.server.util.PortUtil;
import org.apache.qpid.server.util.ServerScopedRuntimeException;
import org.apache.qpid.transport.network.security.ssl.QpidMultipleTrustManager;
import org.apache.qpid.transport.network.security.ssl.SSLUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/qpid/server/model/port/AmqpPortImpl.class */
public class AmqpPortImpl extends AbstractClientAuthCapablePortWithAuthProvider<AmqpPortImpl> implements AmqpPort<AmqpPortImpl> {
    public static final String DEFAULT_BINDING_ADDRESS = "*";

    @ManagedAttributeField
    private boolean _tcpNoDelay;

    @ManagedAttributeField
    private String _bindingAddress;

    @ManagedAttributeField
    private int _maxOpenConnections;

    @ManagedAttributeField
    private int _threadPoolSize;

    @ManagedAttributeField
    private int _numberOfSelectors;
    private final AtomicInteger _connectionCount;
    private final AtomicBoolean _connectionCountWarningGiven;
    private final Container<?> _container;
    private final AtomicBoolean _closing;
    private final SettableFuture _noConnectionsRemain;
    private AcceptingTransport _transport;
    private SSLContext _sslContext;
    private volatile int _connectionWarnCount;
    private volatile long _protocolHandshakeTimeout;
    private static final Logger LOGGER = LoggerFactory.getLogger(AmqpPortImpl.class);
    private static final Comparator<VirtualHostAlias> VIRTUAL_HOST_ALIAS_COMPARATOR = new Comparator<VirtualHostAlias>() { // from class: org.apache.qpid.server.model.port.AmqpPortImpl.1
        @Override // java.util.Comparator
        public int compare(VirtualHostAlias virtualHostAlias, VirtualHostAlias virtualHostAlias2) {
            int priority = virtualHostAlias.getPriority() - virtualHostAlias2.getPriority();
            if (priority == 0) {
                long time = (virtualHostAlias.getCreatedTime() == null ? 0L : virtualHostAlias.getCreatedTime().getTime()) - (virtualHostAlias2.getCreatedTime() == null ? 0L : virtualHostAlias2.getCreatedTime().getTime());
                if (time == 0) {
                    priority = virtualHostAlias.getName().compareTo(virtualHostAlias2.getName());
                } else {
                    priority = time < 0 ? -1 : 1;
                }
            }
            return priority;
        }
    };

    @ManagedObjectFactoryConstructor
    public AmqpPortImpl(Map<String, Object> map, Container<?> container) {
        super(map, container);
        this._connectionCount = new AtomicInteger();
        this._connectionCountWarningGiven = new AtomicBoolean();
        this._closing = new AtomicBoolean();
        this._noConnectionsRemain = SettableFuture.create();
        this._container = container;
    }

    @Override // org.apache.qpid.server.model.port.AmqpPort
    public int getThreadPoolSize() {
        return this._threadPoolSize;
    }

    @Override // org.apache.qpid.server.model.port.AmqpPort
    public int getNumberOfSelectors() {
        return this._numberOfSelectors;
    }

    @Override // org.apache.qpid.server.model.port.AmqpPort
    public SSLContext getSSLContext() {
        return this._sslContext;
    }

    @Override // org.apache.qpid.server.model.port.AmqpPort
    public String getBindingAddress() {
        return this._bindingAddress;
    }

    @Override // org.apache.qpid.server.model.port.AmqpPort
    public boolean isTcpNoDelay() {
        return this._tcpNoDelay;
    }

    @Override // org.apache.qpid.server.model.port.AmqpPort
    public int getMaxOpenConnections() {
        return this._maxOpenConnections;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.qpid.server.model.AbstractConfiguredObject
    public void onCreate() {
        super.onCreate();
        final HashMap hashMap = new HashMap();
        hashMap.put("name", VirtualHostNameAlias.TYPE_NAME);
        hashMap.put("type", VirtualHostNameAlias.TYPE_NAME);
        hashMap.put(ConfiguredObject.DURABLE, true);
        final HashMap hashMap2 = new HashMap();
        hashMap2.put("name", DefaultVirtualHostAlias.TYPE_NAME);
        hashMap2.put("type", DefaultVirtualHostAlias.TYPE_NAME);
        hashMap2.put(ConfiguredObject.DURABLE, true);
        final HashMap hashMap3 = new HashMap();
        hashMap3.put("name", HostNameAlias.TYPE_NAME);
        hashMap3.put("type", HostNameAlias.TYPE_NAME);
        hashMap3.put(ConfiguredObject.DURABLE, true);
        Subject.doAs(getSubjectWithAddedSystemRights(), new PrivilegedAction<Object>() { // from class: org.apache.qpid.server.model.port.AmqpPortImpl.2
            @Override // java.security.PrivilegedAction
            public Object run() {
                AmqpPortImpl.this.createChild(VirtualHostAlias.class, hashMap, new ConfiguredObject[0]);
                AmqpPortImpl.this.createChild(VirtualHostAlias.class, hashMap2, new ConfiguredObject[0]);
                AmqpPortImpl.this.createChild(VirtualHostAlias.class, hashMap3, new ConfiguredObject[0]);
                return null;
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.qpid.server.model.port.AbstractPort, org.apache.qpid.server.model.AbstractConfiguredObject
    public void onOpen() {
        super.onOpen();
        this._protocolHandshakeTimeout = ((Long) getContextValue(Long.class, AmqpPort.PROTOCOL_HANDSHAKE_TIMEOUT)).longValue();
        this._connectionWarnCount = ((Integer) getContextValue(Integer.class, AmqpPort.OPEN_CONNECTIONS_WARN_PERCENT)).intValue();
    }

    @Override // org.apache.qpid.server.model.AbstractConfiguredObject
    public <C extends ConfiguredObject> ListenableFuture<C> addChildAsync(Class<C> cls, Map<String, Object> map, ConfiguredObject... configuredObjectArr) {
        return VirtualHostAlias.class.isAssignableFrom(cls) ? getObjectFactory().createAsync(cls, map, this) : super.addChildAsync(cls, map, configuredObjectArr);
    }

    @Override // org.apache.qpid.server.model.port.AmqpPort
    public NamedAddressSpace getAddressSpace(String str) {
        TreeSet treeSet = new TreeSet(VIRTUAL_HOST_ALIAS_COMPARATOR);
        treeSet.addAll(getChildren(VirtualHostAlias.class));
        Iterator it = treeSet.iterator();
        while (it.hasNext()) {
            NamedAddressSpace addressSpace = ((VirtualHostAlias) it.next()).getAddressSpace(str);
            if (addressSpace != null) {
                return addressSpace;
            }
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.qpid.server.model.port.AbstractPort
    public State onActivate() {
        if (((SystemConfig) getAncestor(SystemConfig.class)).isManagementMode()) {
            return State.QUIESCED;
        }
        Set<Transport> transports = getTransports();
        TransportProvider transportProvider = null;
        HashSet hashSet = new HashSet(transports);
        for (TransportProviderFactory transportProviderFactory : new QpidServiceLoader().instancesOf(TransportProviderFactory.class)) {
            if (transportProviderFactory.getSupportedTransports().contains(transports)) {
                transportProvider = transportProviderFactory.getTransportProvider(hashSet);
            }
        }
        if (transportProvider == null) {
            throw new IllegalConfigurationException("No transport providers found which can satisfy the requirement to support the transports: " + transports);
        }
        if (transports.contains(Transport.SSL) || transports.contains(Transport.WSS)) {
            this._sslContext = createSslContext();
        }
        try {
            this._transport = transportProvider.createTransport(hashSet, this._sslContext, this, getProtocols(), getDefaultAmqpSupportedReply());
            this._transport.start();
            Iterator<Transport> it = getTransports().iterator();
            while (it.hasNext()) {
                this._container.getEventLogger().message(BrokerMessages.LISTENING(String.valueOf(it.next()), Integer.valueOf(this._transport.getAcceptingPort())));
            }
            return State.ACTIVE;
        } catch (PortBindFailureException e) {
            this._container.getEventLogger().message(PortMessages.BIND_FAILED(getType().toUpperCase(), Integer.valueOf(getPort())));
            throw e;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.qpid.server.model.AbstractConfiguredObject
    public ListenableFuture<Void> beforeClose() {
        this._closing.set(true);
        if (this._connectionCount.get() == 0) {
            this._noConnectionsRemain.set((Object) null);
        }
        return this._noConnectionsRemain;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.qpid.server.model.AbstractConfiguredObject
    public void onClose() {
        if (this._transport != null) {
            Iterator<Transport> it = getTransports().iterator();
            while (it.hasNext()) {
                this._container.getEventLogger().message(BrokerMessages.SHUTTING_DOWN(String.valueOf(it.next()), Integer.valueOf(this._transport.getAcceptingPort())));
            }
            this._transport.close();
        }
    }

    @Override // org.apache.qpid.server.model.port.AmqpPort
    public int getNetworkBufferSize() {
        return this._container.getNetworkBufferSize();
    }

    @Override // org.apache.qpid.server.model.AbstractConfiguredObject
    public void validateOnCreate() {
        super.validateOnCreate();
        String bindingAddress = getBindingAddress();
        if (PortUtil.isPortAvailable(bindingAddress, getPort())) {
            return;
        }
        Object[] objArr = new Object[2];
        objArr[0] = Integer.valueOf(getPort());
        objArr[1] = (bindingAddress == null || "".equals(bindingAddress)) ? "*" : bindingAddress;
        throw new IllegalConfigurationException(String.format("Cannot bind to port %d and binding address '%s'. Port is already is use.", objArr));
    }

    @Override // org.apache.qpid.server.model.port.AbstractClientAuthCapablePortWithAuthProvider, org.apache.qpid.server.model.port.AbstractPortWithAuthProvider, org.apache.qpid.server.model.port.AbstractPort, org.apache.qpid.server.model.AbstractConfiguredObject
    public void onValidate() {
        super.onValidate();
        if (getChildren(VirtualHostAlias.class).size() == 0) {
            LOGGER.warn("{} has no virtualhost aliases defined.  No AMQP connections will be possible through this port until at least one alias is added.", this);
        }
        validateThreadPoolSettings(this);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.qpid.server.model.port.AbstractClientAuthCapablePortWithAuthProvider, org.apache.qpid.server.model.port.AbstractPortWithAuthProvider, org.apache.qpid.server.model.port.AbstractPort, org.apache.qpid.server.model.AbstractConfiguredObject
    public void validateChange(ConfiguredObject<?> configuredObject, Set<String> set) {
        super.validateChange(configuredObject, set);
        AmqpPort amqpPort = (AmqpPort) configuredObject;
        if (set.contains(AmqpPort.THREAD_POOL_SIZE) || set.contains("numberOfSelectors")) {
            validateThreadPoolSettings(amqpPort);
        }
    }

    private void validateThreadPoolSettings(AmqpPort amqpPort) {
        if (amqpPort.getThreadPoolSize() < 1) {
            throw new IllegalConfigurationException(String.format("Thread pool size %d on Port %s must be greater than zero.", Integer.valueOf(amqpPort.getThreadPoolSize()), getName()));
        }
        if (amqpPort.getNumberOfSelectors() < 1) {
            throw new IllegalConfigurationException(String.format("Number of Selectors %d on Port %s must be greater than zero.", Integer.valueOf(amqpPort.getNumberOfSelectors()), getName()));
        }
        if (amqpPort.getThreadPoolSize() <= amqpPort.getNumberOfSelectors()) {
            throw new IllegalConfigurationException(String.format("Number of Selectors %d on Port %s must be greater than the thread pool size %d.", Integer.valueOf(amqpPort.getNumberOfSelectors()), getName(), Integer.valueOf(amqpPort.getThreadPoolSize())));
        }
    }

    private SSLContext createSslContext() {
        TrustManager[] trustManagerArr;
        KeyStore keyStore = getKeyStore();
        Collection<TrustStore> trustStores = getTrustStores();
        if ((((Boolean) getAttribute(Port.NEED_CLIENT_AUTH)).booleanValue() || ((Boolean) getAttribute(Port.WANT_CLIENT_AUTH)).booleanValue()) && trustStores.isEmpty()) {
            throw new IllegalConfigurationException("Client certificate authentication is enabled on AMQP port '" + getName() + "' but no trust store defined");
        }
        try {
            SSLContext tryGetSSLContext = SSLUtil.tryGetSSLContext();
            KeyManager[] keyManagers = keyStore.getKeyManagers();
            if (trustStores == null || trustStores.isEmpty()) {
                trustManagerArr = null;
            } else if (trustStores.size() == 1) {
                trustManagerArr = trustStores.iterator().next().getTrustManagers();
            } else {
                ArrayList arrayList = new ArrayList();
                QpidMultipleTrustManager qpidMultipleTrustManager = new QpidMultipleTrustManager();
                Iterator<TrustStore> it = trustStores.iterator();
                while (it.hasNext()) {
                    TrustManager[] trustManagers = it.next().getTrustManagers();
                    if (trustManagers != null) {
                        for (TrustManager trustManager : trustManagers) {
                            if (trustManager instanceof X509TrustManager) {
                                qpidMultipleTrustManager.addTrustManager((X509TrustManager) trustManager);
                            } else {
                                arrayList.add(trustManager);
                            }
                        }
                    }
                }
                if (!qpidMultipleTrustManager.isEmpty()) {
                    arrayList.add(qpidMultipleTrustManager);
                }
                trustManagerArr = (TrustManager[]) arrayList.toArray(new TrustManager[arrayList.size()]);
            }
            tryGetSSLContext.init(keyManagers, trustManagerArr, null);
            return tryGetSSLContext;
        } catch (GeneralSecurityException e) {
            throw new IllegalArgumentException("Unable to create SSLContext for key or trust store", e);
        }
    }

    private Protocol getDefaultAmqpSupportedReply() {
        String str = getContextKeys(false).contains(BrokerProperties.PROPERTY_DEFAULT_SUPPORTED_PROTOCOL_REPLY) ? (String) getContextValue(String.class, BrokerProperties.PROPERTY_DEFAULT_SUPPORTED_PROTOCOL_REPLY) : null;
        Protocol protocol = null;
        if (str != null && str.length() != 0) {
            try {
                protocol = Protocol.valueOf("AMQP_" + str.substring(1));
            } catch (IllegalArgumentException e) {
                LOGGER.warn("The configured default reply ({}) is not a valid value for a protocol.  This value will be ignored", str);
            }
        }
        Set<Protocol> protocols = getProtocols();
        if (protocol != null && !protocols.contains(protocol)) {
            LOGGER.warn("The configured default reply ({}) to an unsupported protocol version initiation is not supported on this port.  Only the following versions are supported: {}", str, protocols);
            protocol = null;
        }
        return protocol;
    }

    public static Set<Protocol> getInstalledProtocols() {
        HashSet hashSet = new HashSet();
        Iterator it = new QpidServiceLoader().instancesOf(ProtocolEngineCreator.class).iterator();
        while (it.hasNext()) {
            hashSet.add(((ProtocolEngineCreator) it.next()).getVersion());
        }
        return hashSet;
    }

    public static Collection<String> getAllAvailableProtocolCombinations() {
        Set<Protocol> installedProtocols = getInstalledProtocols();
        HashSet<Set> hashSet = new HashSet();
        Iterator<Protocol> it = installedProtocols.iterator();
        while (it.hasNext()) {
            hashSet.add(Collections.singleton(it.next().name()));
        }
        HashSet<Set> hashSet2 = new HashSet(hashSet);
        for (int i = 1; i < installedProtocols.size(); i++) {
            HashSet hashSet3 = new HashSet();
            for (Set set : hashSet) {
                for (Protocol protocol : installedProtocols) {
                    if (!set.contains(protocol.name())) {
                        HashSet hashSet4 = new HashSet(set);
                        hashSet4.add(protocol.name());
                        hashSet3.add(hashSet4);
                    }
                }
            }
            hashSet2.addAll(hashSet3);
            hashSet = hashSet3;
        }
        HashSet hashSet5 = new HashSet(hashSet2.size());
        ObjectMapper objectMapper = new ObjectMapper();
        for (Set set2 : hashSet2) {
            try {
                StringWriter stringWriter = new StringWriter();
                Throwable th = null;
                try {
                    try {
                        objectMapper.writeValue(stringWriter, set2);
                        hashSet5.add(stringWriter.toString());
                        if (stringWriter != null) {
                            if (0 != 0) {
                                try {
                                    stringWriter.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                stringWriter.close();
                            }
                        }
                    } finally {
                    }
                } finally {
                }
            } catch (IOException e) {
                throw new IllegalArgumentException("Unexpected IO Exception generating JSON string", e);
            }
        }
        return Collections.unmodifiableSet(hashSet5);
    }

    public static Collection<String> getAllAvailableTransportCombinations() {
        HashSet<Set> hashSet = new HashSet();
        Iterator it = new QpidServiceLoader().instancesOf(TransportProviderFactory.class).iterator();
        while (it.hasNext()) {
            hashSet.addAll(((TransportProviderFactory) it.next()).getSupportedTransports());
        }
        HashSet hashSet2 = new HashSet(hashSet.size());
        ObjectMapper objectMapper = new ObjectMapper();
        for (Set set : hashSet) {
            try {
                StringWriter stringWriter = new StringWriter();
                Throwable th = null;
                try {
                    try {
                        objectMapper.writeValue(stringWriter, set);
                        hashSet2.add(stringWriter.toString());
                        if (stringWriter != null) {
                            if (0 != 0) {
                                try {
                                    stringWriter.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                stringWriter.close();
                            }
                        }
                    } finally {
                    }
                } finally {
                }
            } catch (IOException e) {
                throw new IllegalArgumentException("Unexpected IO Exception generating JSON string", e);
            }
        }
        return Collections.unmodifiableSet(hashSet2);
    }

    public static String getInstalledProtocolsAsString() {
        Set<Protocol> installedProtocols = getInstalledProtocols();
        ObjectMapper objectMapper = new ObjectMapper();
        try {
            StringWriter stringWriter = new StringWriter();
            Throwable th = null;
            try {
                try {
                    objectMapper.writeValue(stringWriter, installedProtocols);
                    String stringWriter2 = stringWriter.toString();
                    if (stringWriter != null) {
                        if (0 != 0) {
                            try {
                                stringWriter.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            stringWriter.close();
                        }
                    }
                    return stringWriter2;
                } finally {
                }
            } finally {
            }
        } catch (IOException e) {
            throw new ServerScopedRuntimeException(e);
        }
    }

    @Override // org.apache.qpid.server.model.port.AmqpPort
    public int incrementConnectionCount() {
        int incrementAndGet = this._connectionCount.incrementAndGet();
        int maxOpenConnections = getMaxOpenConnections();
        if (maxOpenConnections > 0 && incrementAndGet > (maxOpenConnections * this._connectionWarnCount) / 100 && this._connectionCountWarningGiven.compareAndSet(false, true)) {
            this._container.getEventLogger().message(new PortLogSubject(this), PortMessages.CONNECTION_COUNT_WARN(Integer.valueOf(incrementAndGet), Integer.valueOf(this._connectionWarnCount), Integer.valueOf(maxOpenConnections)));
        }
        return incrementAndGet;
    }

    @Override // org.apache.qpid.server.model.port.AmqpPort
    public int decrementConnectionCount() {
        int decrementAndGet = this._connectionCount.decrementAndGet();
        int maxOpenConnections = getMaxOpenConnections();
        if (maxOpenConnections > 0 && decrementAndGet < (maxOpenConnections * square(this._connectionWarnCount)) / 10000) {
            this._connectionCountWarningGiven.compareAndSet(true, false);
        }
        if (this._closing.get() && this._connectionCount.get() == 0) {
            this._noConnectionsRemain.set((Object) null);
        }
        return decrementAndGet;
    }

    private static int square(int i) {
        return i * i;
    }

    @Override // org.apache.qpid.server.model.port.AmqpPort
    public boolean canAcceptNewConnection(SocketAddress socketAddress) {
        String obj = socketAddress.toString();
        if (this._closing.get()) {
            this._container.getEventLogger().message(new PortLogSubject(this), PortMessages.CONNECTION_REJECTED_CLOSED(obj));
            return false;
        }
        if (this._maxOpenConnections <= 0 || this._connectionCount.get() < this._maxOpenConnections) {
            return true;
        }
        this._container.getEventLogger().message(new PortLogSubject(this), PortMessages.CONNECTION_REJECTED_TOO_MANY(obj, Integer.valueOf(this._maxOpenConnections)));
        return false;
    }

    @Override // org.apache.qpid.server.model.port.AmqpPort
    public int getConnectionCount() {
        return this._connectionCount.get();
    }

    @Override // org.apache.qpid.server.model.port.AmqpPort
    public long getProtocolHandshakeTimeout() {
        return this._protocolHandshakeTimeout;
    }
}
